<?php
if(isset($_REQUEST['assegnato'])){
    $query = 'UPDATE users SET id_tipo_user ="'.$_POST['id_ruolo'].'" WHERE id="'.$_POST['id_user'].'"';
    $sql = mysql_query($query);

    Util::redirect();
    //User::assegnaRuolo($_POST['id_user'], $_POST['id_ruolo']);
        
}
?>
<br>
<div id="table">
<form method="post" action="profilo.php?action=users&id=1">

    <input id="usrcerca" name="username" type="text" value="" />
    <input name="trova" type="submit" value="Trova" />

</form>
<?php
if($_GET['id'] == 1){
    $usr = $_POST['username'];
    $sql = mysql_query("SELECT * FROM users u, tipo_user t WHERE u.id_tipo_user = t.id_tipo_user and username = '".$usr."'");

    $utenti = "select nome_tipo_user, id_tipo_user from tipo_user ";
            $result_utenti = mysql_query($utenti);
            $options = "";
            while($row_utente = mysql_fetch_array($result_utenti)) {
                $options .= "<option value='".$row_utente["id_tipo_user"]."'>" . $row_utente['nome_tipo_user'] .  "</option>";
            }

    echo "<br><table><tr align='left'>";
            echo "<th>ID</th>";
            echo "<th>Nome</th>";
            echo "<th>Cognome</th>";
            echo "<th>Usename</th>";
            echo "<th>Attuale</th>";
            echo "<th>Ruolo</th>";
            echo "<th>Assegna</th></tr>";
    while($row = mysql_fetch_array($sql)) {
        echo "<form action='#' method='post'>";
                echo "<input type='hidden' name='id_user' value='".$row['id']."' />";
                echo "<tr>";
                echo "<td color='green'>".$row['id']."</td>";
                echo "<td>".$row['nome']."</td>";
                echo "<td>".$row['cognome']."</td>";
                echo "<td>".$row['username']."</td>";
                echo "<td>".$row['nome_tipo_user']."</td>";
                echo "<td>";
                echo "<select name='id_ruolo'>";
                echo $options;
                echo "</select>";
                echo "</td>";
                echo "<td><input type='submit' value='Assegna' name='assegnato'/></td>";
                echo "</tr>";
                echo "</form>";
    }
    echo "</table>";
}
?>
</div>